It is important to bear in mind where the code is being run - if this is something running on a researcher’s own system, they almost certainly have lots of other ways of messing it up. These kind of security vulnerabilities are normally only relevant when you are running code that came from somewhere else.
That being said, this use case sounds like it could work with the Jupyter notebook. If you want something that is like typing code into a .py file but evaluated at run time instead, why not just use an interactive Python REPL instead of eval(input()). Ben > On 27 Oct 2016, at 17:52, Benjamin Root <ben.v.r...@gmail.com> wrote: > > "only be used by engineers/scientists for research" > > Famous last words. I know plenty of scientists who would love to "do > research" with an exposed eval(). Full disclosure, I personally added a > security hole into matplotlib thinking I covered all my bases in protecting > an eval() statement. > > Ben Root > > On Thu, Oct 27, 2016 at 4:21 PM, djxvillain <djxvill...@gmail.com > <mailto:djxvill...@gmail.com>> wrote: > This will not be a public product and will only be used by other > engineers/scientists for research. I don't think security should be a huge > issue, but I appreciate your input and concern for the quality of my code. > > > > -- > View this message in context: > http://numpy-discussion.10968.n7.nabble.com/How-to-use-user-input-as-equation-directly-tp43665p43670.html > > <http://numpy-discussion.10968.n7.nabble.com/How-to-use-user-input-as-equation-directly-tp43665p43670.html> > Sent from the Numpy-discussion mailing list archive at Nabble.com. > _______________________________________________ > NumPy-Discussion mailing list > NumPy-Discussion@scipy.org <mailto:NumPy-Discussion@scipy.org> > https://mail.scipy.org/mailman/listinfo/numpy-discussion > <https://mail.scipy.org/mailman/listinfo/numpy-discussion> > > _______________________________________________ > NumPy-Discussion mailing list > NumPy-Discussion@scipy.org > https://mail.scipy.org/mailman/listinfo/numpy-discussion
_______________________________________________ NumPy-Discussion mailing list NumPy-Discussion@scipy.org https://mail.scipy.org/mailman/listinfo/numpy-discussion